[Dave Birch] There’s been another rash of stories about fingerprinting and the linking of identity and authentication and I thought I’d take a look at a few of them after my afternoon at the Social Market Foundation. Let’s begin by looking at a mass market use of biometrics…

Under a new law published Monday, Mexico will start a national register of mobile phone users by fingerprinting all customers in an effort to catch criminals who use mobile phone to extort money and negotiate kidnapping ransoms. The new law, which will be in force this April, will give mobile phone companies a year to build the database of their clients – complete with fingerprints and any other personally identifiably information.

[From New Mexico Law to Fingerprint All Mobile Phone Users]

Fingerprint mobile phone users could never happen here, of course. Well, not for a while. But fingerprint mobile providers might…

Vodafone dealership DigitalMobile is the latest employer to introduce fingerprint scanning for staff. DigitalMobile spokesman Will Allan says the scanners have been installed in the company’s 22 stores around the country and most of its 190 staff are using them to clock in and out.

[From Vodafone sales staff asked to scan in – New Zealand’s source for technology news on Stuff.co.nz]

This seems pretty reasonable: using biometrics to make life easy more people is a much more convincing business case and, as far as I can see, a much more effective use of the technology than biometrics for security (outside nuclear missile launch codes and that kind of thing).

Actually, the use of biometrics to identity employees (which has long been almost standard in data centres, nuclear weapons factories and so on) sort of thing is already here.

The Co-operative Group is introducing a system to monitor staff working hours using biometric technology. A new workforce management platform will record the work patterns of 55,000 staff through in-store data collection terminals using finger scan verification – a method of scanning various points on the finger but which creates a file that bears no resemblance to a fingerprint.

[From Co-op to monitor staff using finger scanning – 12 Feb 2009 – Computing]

There are some particularly disreputable people who do need to be monitored very closely and perhaps in their case fingerprints might be the most appropriate means of tracking and controlling them. I’m talking about politicians, naturally, and in Italy they are already taking steps to use biometrics to manage them.

Officials in Italy’s Chamber of Deputies have begun taking MPs’ fingerprints in preparation for the introduction next month of a new voting system inspired by a similar one in operation in the Mexican parliament. It will allow MPs to vote after entering a smart card containing the details of their identity and fingerprints into an electronic voting terminal.

[From Italian MPs fingerprinted to stop absentee voting – Telegraph]

Should we worry about Big Brother getting hold of individuals biometric data? Perhaps not, as it could be that government IT incompetence ends up as the critical privacy-enhancing technology or, more accurately, a kind of privacy-enhancing anti-technology (PEAT) !!

The original Schengen Information System (SIS) focused on text- only data, such as the traveller’s name and passport number. When the EU took in 10 new members in 2004 and began planning how to take them into Schengen, officials decided that it was the perfect opportunity to create a new SIS, capable of processing not just text information, but ‘biometric’ data such as fingerprints and photos. But the new system quickly ran into problems. SIS II stations set up in individual member states were unable to communicate with the central server in Strasbourg, France, while experts reported that some of the data sent through the system simply disappeared en route.

[From Bugs bite the EU’s Big Brother]

So where are we with biometrics on a large scale? All over the place. Without an infrastructure to use biometrics properly, which means as far as I can see some kind of properly organised PKI-based, open standards-based, interoperable scheme, I can’t see where we’re going or how we are going to use biometrics in a positive way to enhance with security or privacy at the European level. Luckily, this is all going to be sorted out (!) at the EEMA eID Interoperability conference in Brussels on 17th/18th March. Look forward to seeing you there.

These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]

1 comment

  1. The Identity & Passport Service (IPS) are obviously not alone in relying on biometrics. A surprisingly large number of their opposite numbers in other countries do the same.
    That doesn’t alter the fact that they are fantasists. It just means there’s a lot of it about. A resurgence of tulipmania?
    It is not wise to entrust your personal details to a fantasist and it is unrealistic to expect a fantasist to protect you from crime and terrorism, http://dematerialisedid.com/BCSL/cmlTalk.html
    The saving grace of IPS so far is that they haven’t achieved anything. We must all wish we could get projects like that, with a charitable sponsor, who expects nothing. All of us, at least, with no dignity.
    Time hangs so heavy on IPS’s hands that James Hall, Chief Executive, has taken on another job. He chairs Project STORK, the project designed to measure and facilitate the interoperability of EU identity management systems.
    Bit of a shame when the source code and logon details of the UK Government Gateway were lost on a USB stick in a pub car park in Cannock. Can’t imagine that the French, Germans, Italians, Spanish, … want to entrust their personal and corporate details to the UK Government gateway now. But that’s what the Lisbon Declaration says they have to do, http://dematerialisedid.com/BCSL/Hall.html
    Bet Mr Hall wishes he hadn’t volunteered now for Porject STORK. It’s the old story, isn’t it – no good deed goes unpunished …

Leave a Reply


Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.
%d bloggers like this: